10-19-2011 09:25 AM - edited 10-19-2011 09:31 AM
Hey everyone I'm really reaching out for some guidance here. I troubleshoot and build computers for a living, set up wireless networks etc.. and have a client recently who has had a serious hacking problem. They basically got in a dispute with their next door neighbor who had lived in their house for awhile and helped take care of their sick father a few months ago and he's wreaked havoc on their lives ever since the dispute. He's stolen their credit card numbers, social security numbers, basically committed identity theft and put child pornography on their computers up to the point where they were going to be arrested and everyone in the household charged for it. It's a long story but here's the deal. I reformatted the drive on the desktop and reinstalled windows. Kept everything disconnected from the internet and setup the router settings in the AT&T U-Verse modem on the built in router. I changed the login password to a 24 digit key, set the firewall to block all incoming connections. I disabled the wireless on the U-Verse modem. I set up the E4200 and changed the router login password to a 24 digit key. I set the wireless security to WPA2 with a 64 digit key of random numbers and letters. I installed Comodo Firewall set to Paranoid mode and they bought a VPN service for surfing online. The next day he called me and said windows said the computer had been remotely accessed although Remote Access was disabled (I disabled it). I came over and redid everything. The next day while he was using the computer It randomly asked him to restart and it did a system restore and restored it to the date I had first reformatted it and it had no software on it, firewall etc.. So my question is where do I go from here? They have already reported it to the police awhile back but nothings being done. Are there any other settings I can use in the E4200 to make it more secure? I'm thinking I need to consult a network security specialist.
10-19-2011 11:28 AM
This is kind of a wild idea, but it sounds like, from your description of security and all, that the next door neighbor may still have a house key, or have gotten one. And had physical access to the computer. The only flaw with this line of thinking is that I'm sure that you password protected the Windows system so that no one else could access it that way? But if you have WPA2 on your router with a strong passphrase, and you have disabled remote desktop, then physical access seems the most likely to me.
Just a thought. I'm really sorry that you're having all these problems, but off the top, it doesn't sound like the router is the problem.
10-20-2011 08:41 AM
Yeah the weird thing is he was physically in the house for such a long period of time so who knows what he's done. The only thing is the client's son is in the military and sleeps in the room with the computer with several loaded firearms.
04-29-2012 09:50 AM - edited 04-29-2012 09:52 AM
This sounds a bit too perfect. Please don't forget that it is at least theoretically possible that someone in the household -- it could be anyone -- is actually responsible for all these problems. Sometimes misdeeds can be blamed on the wrong person, either mistakenly (for various possible reasons), or intentionally (for other sorts of reasons).